97 research outputs found
Design and Experimental Evaluation of a Route Optimisation Solution for NEMO
An important requirement for Internet protocol (IP)
networks to achieve the aim of ubiquitous connectivity is network
mobility (NEMO). With NEMO support we can provide Internet
access from mobile platforms, such as public transportation vehicles,
to normal nodes that do not need to implement any special
mobility protocol. The NEMO basic support protocol has been
proposed in the IETF as a first solution to this problem, but this
solution has severe performance limitations. This paper presents
MIRON: Mobile IPv6 route optimization for NEMO, an approach
to the problem of NEMO support that overcomes the limitations
of the basic solution by combining two different modes of operation:
a Proxy-MR and an address delegation with built-in routing
mechanisms. This paper describes the design and rationale of the
solution, with an experimental validation and performance evaluation
based on an implementation.
Network layer access control for context-aware IPv6 applications
As part of the Lancaster GUIDE II project, we have developed a novel wireless access point protocol designed to support the development of next generation mobile context-aware applications in our local environs. Once deployed, this architecture will allow ordinary citizens secure, accountable and convenient access to a set of tailored applications including location, multimedia and context based services, and the public Internet. Our architecture utilises packet marking and network level packet filtering techniques within a modified Mobile IPv6 protocol stack to perform access control over a range of wireless network technologies. In this paper, we describe the rationale for, and components of, our architecture and contrast our approach with other state-of-the-art systems. The paper also contains details of our current implementation work, including preliminary performance measurements.
M2M Communications for E-Health and Smart Grid: An Industry and Standard Perspective
An overview of several standardization activities for machine-to-machine
(M2M) communications is presented, analyzing some of the enabling technologies
and applications of M2M in industry sectors such as Smart Grid and e-Health.
This summary and overview of the ongoing work in M2M from the industrial and
standardization perspective complements the prevalent academic perspective of
such publications to date in this field
Design and Validation of Receiver Access Control in the Automatic Multicast Tunneling Environment
Standard IP multicast offers scalable point-to-multipoint delivery, but no control over
who may send and who may receive the data stream. Participant Access Control has
been developed by Islam and Atwood, but only for multicast-enabled network regions.
Automatic Multicast Tunneling has been developed by the Internet Engineering Task
Force. It extends the range of multicast data distribution to unicast-only network
regions, but provides no Participant Access Control.
We have designed the additional features that AMT must have, so that AMT has
the necessary Participant Access Control at the receiver's end in the AMT environment. In addition, we have validated our design model using the AVISPA formal
modeling tool, which confirms that the proposed design is secure
Internet Authentication for Remote Access
It is expected that future IP devices will employ a variety of
different network access technologies to gain ubiquitous
connectivity. Currently there are no authentication protocols
available that are lightweight, can be carried over arbitrary
access networks, and are flexible enough to be re-used in the
many different contexts that are likely to arise in future
Internet remote access. Furthermore, existing access procedures
need to be enhanced to offer protection against
Denial-of-Service (DoS) attacks, and do not provide
non-repudiation. In addition to being limited to specific
access media, some of these protocols are limited to specific
network topologies and are not scalable.
This thesis reviews the authentication infrastructure
challenges for future Internet remote access supporting
ubiquitous client mobility, and proposes a series of solutions
obtained by adapting and reinforcing security techniques
arising from a variety of different sources. The focus is on
entity authentication protocols that can be carried both by the
IETF PANA authentication carrier and by the EAP mechanisms, and
possibly making use of an AAA infrastructure. The core idea is
to adapt authentication protocols arising from the mobile
telecommunications sphere to Internet remote access. A proposal
is also given for Internet access using a public key based
authentication protocol. The subsequent security analysis of
the proposed authentication protocols covers a variety of
aspects, including: key freshness, DoS-resistance, and
"false-entity-in-the-middle" attacks, in addition to identity
privacy of users accessing the Internet via mobile devices.
This work aims primarily at contributing to ongoing research on
the authentication infrastructure for the Internet remote
access environment, and at reviewing and adapting
authentication solutions implemented in other spheres, for
instance in mobile telecommunications systems, for use in
Internet remote access networks supporting ubiquitous mobilit
A prototype and demonstrator of Akogrimo’s architecture: An approach of merging grids, SOA, and the mobile Internet
The trend of merging telecommunication infrastructures with traditional Information Technology (IT) infrastructures is ongoing and important for commercial service providers. The driver behind this development is, on one hand, the strong need for enhanced services and on the other hand, the need of telecommunication operators aiming at value-added service provisioning to a wide variety of customers. In the telecommunications sector, the IP Multimedia Subsystem (IMS) is a promising service platform, which may become a "standard" for supporting added-value services on top of the next generation network infrastructure. However, since its range of applicability is bound to SIP-enabled services, IMS extensions are being proposed by "SIPifying" applications. In parallel to these developments within the traditional IT sector, the notion of Virtual Organizations (VO) enabling collaborative businesses across organizational boundaries is addressed in the framework of Web Services (WS) standards implementing a Service-oriented Architecture (SOA). Here, concepts for controlled resource and service sharing based on WS and Semantic Technologies have been consolidated. Since the telecommunications sector has become, in the meantime "mobile", all concepts brought into this infrastructure must cope with the dynamics mobility brings in. Therefore, within the Akogrimo project the VO concept has been extended towards a Mobile Dynamic Virtual Organization (MDVO) concept, additionally considering key requirements of mobile users and resources. Especial attention is given to ensure the duality of the merge of both, SOA and IMS approaches to holistically support SOA-enabled mobile added-value services and their users.
This work describes major results of the Akogrimo project, paying special attention to the overall Akogrimo architecture, the prototype implemented, and the key scenario in which the instantiated Akogrimo architecture shows a very clear picture of applicability, use, and an additional functional evaluation.
Defining the Behavior of IoT Devices through the MUD Standard: Review, Challenges, and Research Directions
With the strong development of the Internet of Things (IoT), the definition of IoT devices' intended behavior is key for an effective detection of potential cybersecurity attacks and threats in an increasingly connected environment. In 2019, the Manufacturer Usage Description (MUD) was standardized within the IETF as a data model and architecture for defining, obtaining and deploying MUD files, which describe the network behavioral profiles of IoT devices. While it has attracted a strong interest from academia, industry, and Standards Developing Organizations (SDOs), MUD is not yet widely deployed in real-world scenarios. In this work, we analyze the current research landscape around this standard, and describe some of the main challenges to be considered in the coming years to foster its adoption and deployment. Based on the literature analysis and our own experience in this area, we further describe potential research directions exploiting the MUD standard to encourage the development of secure IoT-enabled scenarios
An identity based framework for security and privacy in pervasive networks
Master'sMASTER OF ENGINEERIN